Databases Reference
In-Depth Information
Using this information, it is then possible to extract sequences of operations
from
Access
(
R, t
i
,t
j
) that are delimited by role changes, that is, in a session,
the user switched roles. For example, the first part of a particular user ses-
sion may contain 10 operations the user executed with role
ro
1
and then 20
operations with role
ro
2
, all operations against relation
R
. Extracting all in-
formation relevant to a user
u
can easily be done using SQL query statements
against
AccessP rof
(
R, t
i
,t
j
).
Of particular interest in profiling users, of course, is to determine their
typical behavior. So one might ask “what is the typical sequence of opera-
tions, role enablings, and particular modifications a user is performing in a
given session?”. For this, existing data mining techniques can be used, for ex-
ample, temporal sequence learning [33]. User sessions then can be compared
and evaluated in terms of similarity, typical patterns, and anomalous access
patterns. Note, however, that the above profiling tasks all refer to a single
relation
R
. The construction of more complex profiles and their analysis will
be detailed in the next section.
In general, the above techniques show that it is important to deter-
mine precise metrics of interest for the user profiling approach. That is,
one has to establish clear objectives that can be computed from a data
access profile. For example, if the time window underlying a data access
profile
AccessP rof
(
R, t
i
,t
j
) covers a whole week from Monday to Sun-
day, then the profile of a user
u
with respect to the relation
R
, denoted,
UserProf
(
R, u, t
i
,t
j
) may include information about the following measures:
(1) number and duration of sessions, (2) names of roles that have been en-
abled during a session, including timestamps of when roles where enabled,
(3) number of operations against
R
per session and role setting, (4) typical
sequence of operations in a session (per role), (5) typical values of attributes
inserted or modified, and typical properties of tuples deleted. As done for
the other types of profiles introduced in the previous sections, a user profile
UserProf
(
R, u, t
i
,t
j
) can be managed as measure-value pairs (in auxiliary
relations) for easy inspection and use by security mechanisms. It should also
be noted that the above tasks can be extended to capture information about
the execution of stored procedures by a user.
The above is not a comprehensive list but shows some important measures
that can easily be computed from access profiles and presented to personnel
conducting the security re-engineering process. The main purpose here is to
provide such personnel with insights into who performs what types of oper-
ations in what settings on a given relation. In particular, these profiles can
serve as a starting point for a more comprehensive user evaluation and pro-
filing approach, as detailed in the next section.
